[103858] in North American Network Operators' Group
Re: enterprise change/configuration management and compliance software?
daemon@ATHENA.MIT.EDU (Matthew Petach)
Tue Apr 15 16:33:07 2008
Date: Tue, 15 Apr 2008 13:30:54 -0700
From: "Matthew Petach" <mpetach@netflight.com>
To: jamie <j@arpa.com>
Cc: nanog@merit.edu
In-Reply-To: <6ff30abd0804142113n7fcc0772o51c1e922b0c16816@mail.gmail.com>
Errors-To: owner-nanog@merit.edu
On Mon, Apr 14, 2008 at 9:13 PM, jamie <j@arpa.com> wrote:
> Gentlemen (and Ren!): ;-)
>
> I'm currently investigating options w.r.t. enterprise-wide (over 250
> device, and by 'device' i mean router and/or switch) configuration
> management (and (ideally) compliance-auditing_and_assurance) software.
>
> We currently use Voyence (now EMC) and are looking into other options for
> various reasons, support being in the top-3 ...
>
> So, I pose: To you operators of multi-hundred-device networks : what do
> you use for such purposes(*) ?
> (*)see subject
We have several thousand network devices currently in play:
mpetach@nowherespecial:/tftp/conf/latest> ls *.conf | wc -l
7419
mpetach@nowherespecial:/tftp/conf/latest>
I hand read each device configuration check-in email that goes past
to see if there's errors in the configs, security violations, or other WTF-ish
elements in the config check-in, and mail back a nag notice to the
person who changed the config.
Currently, I received between 1900 and 3000 email messages a day.
I sleep 3 hours a night.
> jamie rishaw
Hope that helps answer your question.
Matt
